Professional Documents
Culture Documents
Vision
Guided by the core values of Fortitude, Excellence and Uprightness, Far Eastern University aims to be a university of choice in Asia
Mission
Committed to the highest intellectual, moral and cultural standards, it strives to produce principled and competent graduates. It nurtures a service-oriented and environment conscious
community which seeks to contribute to the advancement of the global society.
Quality Policy
Far Eastern University is committed to providing quality educational services. Each person is expected to do the job right the first time with the intention of consistently satisfying the
requirement of our students, other members of FEU community, and external parties. Under any given circumstances we shall adhere to all the requirements and standards for continuous
improvement and effectiveness of the quality management systems.
Vision
Far Eastern University – Institute of Accounts, Business and Finance (IABF) envisions itself to be the preferred business school in Asia.
Mission
The Institute of Accounts, Business and Finance is committed to produce principled and competent business graduates, espousing Fortitude, Excellence and Uprightness. IABF will promote
community engaged, service-oriented individuals who will shape and build strong organization in the future.
DEPARTMENT OF ACCOUNTANCY
Vision
Guided by the core values (Fortitude, Excellence and Uprightness) of a true-blooded Tamaraw, the Accountancy Program of FEU– IABF envisions itself as a Center of Excellence in
Accountancy Education.
Mission
It commits to develop future responsible accounting professionals through holistic accountancy curriculum, extensive and innovative delivery of instruction, competent and highly qualified
faculty, state-of-the-art facilities, industry and community-based researches, practical-based student apprenticeship program and extensive community.
Course Title: Auditing in CIS Environment
Course Code : ACT1208/AUDCIS
Credits : Three (3) units
Prerequisite : ACT1111
Course Description : This course is intended to provide understanding of the IT audit profession, emphasizing on how IT audit provides organizations and auditors the
ability to effectively assess financial information’s validity, reliability, and security. Emphasizing on essential principles, knowledge, and skills on how
to control and assess IT systems; legislation relevant to IT auditors and its impact on the IT field; and significance of tools and computer-assisted audit
techniques (CAATs) when performing audit work. At the end of the course, students are expected to be prepared for the global examination of
Certified Information Systems Auditor (CISA) and Certified Internal Auditor (CIA).
7-8 Module 3. IT Governance 1. Describe IT governance and explain the significance Discussion on the [CP6] Listed and react to [PQ3]
and Strategy of aligning IT with business objectives. learning content the podcast: The Evolving Formative
1. IT Governance – 2. Describe relevant IT governance frameworks. Role of Technology Pre-quiz 3
Alignment of IT with 3. Explain the importance of implementing IT Governance
Business Objectives performance metrics within the organization, [QZ3]
2. IT Governance particularly, the IT Balanced Scorecard. Describe the Formative
Frameworks steps in building an IT Balanced Scorecard and Quiz 3
3. IT Performance illustrate supporting example.
Metrics 4. Discuss the importance of regulatory compliance
4. Regulatory Compliance and internal controls in organizations.
and Internal Controls 5. Define IT strategy and discuss the IT strategic plan,
5. IT Strategy and its significance in aligning business objectives
6. IT Steering Committee with IT.
7. Communication 6. Explain what an IT Steering Committee is and
8. Operational Planning describe its tasks in an organization.
7. Discuss the importance of effective communication
of the IT strategy to members of the organization.
8. Describe the operational governance processes and
how they control delivery of IT projects, while
aligning with business objectives.
9 Midterm Examination
10 Module 4. The IT Audit 1. Describe what audit universe is and illustrate Discussion on learning [CP7] Listen and react to [PQ4]
Process example. content the podcast: Creating Value Formative
Time Learning Content Learning Outcomes Strategy / Methodology Student Output Evaluation /
Frame- / Activities Assessment
Week
1. Audit Universe 2. Define control objectives for information and related by Taking Risks and Pre-quiz 4
2. COBIT technology and explain why they are useful for Overcoming Fear of Failure
3. Risk Assessment organizations and auditors.
4. Audit Plan 3. Explain what a risk assessment is and its significance [CP8] Do the group [QZ4]
5. Audit Process to the audit function. Illustrate an example of a risk exercise: The IT Audit Formative
6. Other Types of IT Audit assessment following the National Institute of Process Quiz 4
Standards and Technology methodology.
4. Define the audit process and describe the phases of [CS1] Finish StellenTek Case
an IT audit engagement. Study
5. Discuss other types of audits conducted in IT.
11-12 Module 5. Tools and 1. Define auditor productivity tools and describe how Discussion on learning [CP8] Short Case – Change [PQ5]
Techniques Used in they assist the audit process. content Control Management Formative
Auditing IT 2. Describe techniques used to document application Process Pre-quiz 5
1. Audit Productivity systems, such as flowcharting, and how these Introduce TechWear
Tools techniques are developed to assist the audit process. Case Study and [CS2] Start TechWear [Q5]
2. System 3. Explain what Computer-Assisted Audit Techniques Resources Casestudy and watch Formative
Documentation (CAATs) are and describe the role they play in the related videos Quiz 5
Techniques to performance of audit work. Discuss and
Understand 4. Describe how CAATs are used to define sample size demonstrate usage of [CS3] Perform ACL
Application Systems and select the sample. ACL (Audit Command Exercises – ACL Data
3. Flowcharting 5. Describe the various CAATs used for reviewing Language) by Galvanize Analysis Project
4. CAATs applications, particularly, the audit command
5. Auditing Around the language (ACL) audit software.
Computer Versus 6. Describe CAATs used when auditing application
Auditing Through the controls.
Computer 7. Describe CAATs used in operational reviews.
6. Computer Forensics 8. Differentiate between “Auditing Around the
Tools Computer” and “Auditing Through the Computer.”
9. Describe computer forensics and sources to evaluate
computer forensic tools and techniques.
Time Learning Content Learning Outcomes Strategy / Methodology Student Output Evaluation /
Frame- / Activities Assessment
Week
13-14 Module 6. Internal 1. Discuss what are information technology general Discussion on learning
Control Information controls (ITGCs) and why is it important and relevant content
Technology General to a business
Controls (ITCG) 2. Discuss the common ITGCs: manage access process,
1. Introduction to ITGCs manage program and system change process, and
2. ITGC Basics manage IT operations process
3. Evaluating ITGCs 3. Understand, for each of the three ITGC processes,
4. Audit response to the typical IT risk, typical ITGCs that address such
ineffective ITGC risks, typical testing of the ITGCs, and the typical IT-
substantive testing that an auditor might perform in
case ITGCs are not tested or are found to be
ineffective due to inadequate design or operation of
control.
4. Understand the importance of effective ITGC, and
the implications of ineffective ITGCs for audit and for
the audit opinion on internal control over financial
reporting
15-16 Module 7. Application 1. Discuss common risks associated with application Discussion on learning [CP9] Short Case – Input [PQ7]
Systems: Risks and systems. content Controls Formative
Controls 2. Discuss common risks associated with end-user Pre-quiz 7
1. Application System development application systems. Case-studies [CS2] Continue TechWear
Risks 3. Discuss risks to systems exchanging business Casestudy and watch
2. End-user Development information and describe common standards for related videos [Q7]
Application Risks their audit assessments. Formative
3. Risks to Systems 4. Describe Web applications, including best secure Quiz 7
Exchanging Electronic coding practices and common risks.
Business Information 5. Explain application controls and how they are used
4. Web Application Risks to safeguard the input, processing, and output of
5. Application Controls information.
6. IT Auditor’s 6. Discuss the IT auditor’s involvement in an
Involvements examination of application systems.
Time Learning Content Learning Outcomes Strategy / Methodology Student Output Evaluation /
Frame- / Activities Assessment
Week
17 Module 8. Information 1. Describe the importance of information security to Discussion on learning [CP10] Short Case – [PQ8]
Security organizations, and how information represents a content Information Security Audit Formative
1. Information Security critical asset in today’s business organizations. Program Pre-quiz 7
2. Information Security in 2. Discuss recent technologies that are revolutionizing Case-studies
the Current IT organizations’ IT environments and the significance [CS2] Finish TechWear [QZ8]
Environment of implementing adequate security to protect the Casestudy and watch Formative
3. Information Security information. related videos Quiz 7
Threats and Risks 3. Discuss information security threats and risks, and
4. Information Security how they represent a constant challenge to
Standards information systems.
5. Information Security 4. Describe relevant information security standards and
Policy guidelines available for organizations and auditors.
6. Information Security 5. Explain what an information security policy is and
Roles and illustrate examples of its content.
Responsibilities 6. Discuss roles and responsibilities of various
7. Information Security information system groups within information
Controls security.
8. Selection and Testing 7. Explain what information security controls are, and
of Information Security their importance in safeguarding the information.
Controls 8. Describe the significance of selecting, implementing,
9. Involvement in an and testing information security controls.
Information Security 9. Describe audit involvement in an information
Audit security control examination and provide reference
information on tools and best practices to assist such
audits.
18 Final Examinations
CLASSROOM POLICIES
It is the responsibility of the learner to come to each class prepared. He/she is also expected to take all examinations on the scheduled date. He/she should read the
assigned problems prior to class discussion. He/she is expected to attend each class and participate actively in the discussions.
POLICY ON ABSENCES
The students are allowed only 20% of the total number of hours in a semester for absences. Hence, the allowed number of absences for a student enrolled in a 3-unit
subject or 6-unit subject is a maximum of six (6) absences during regular semester. Request for excused absences or waiver of absences must be presented prior to
occurrence of absence or immediately upon reporting back to class, whichever is applicable. Special examinations will be given only in special cases, such as prolonged
illness. It is the responsibility of the student to monitor his/her own tardy incidents and absences that might accumulate leading to the grade of 5.00 or F. It is also his/her
responsibility to consult with the concerned faculty member, program head, Dean should his/her case be of special nature.
Note: Always refer to the Student Handbook for academic policies.
COURSE REQUIREMENTS
Assignments, Quizzes, Major Exams, Output Presentation
GRADING SYSTEM
Computation of Periodic Grades
IV. RETENTION GRADE - (QUALITY POINT AVERAGE (QPA) CUMULATIVE PER YEAR LEVEL
BACHELOR OF SCIENCE IN BACHELOR OF SCIENCE IN
ACCOUNTANCY INTERNAL AUDITING
YEAR LEVEL FAR EASTERN UNIVERSITY (BSA) (BSIA)
First Year 1.2 1.2 1.2
Second Year 1.5 1.6 1.5
Third Year 1.8 2.0 1.8
Fourth Year 2.0 2.4 2.0
REYMARK LAZO
JEROMY ORANGA RAMIL N. BALDRES EARL JOSEPH BORGOÑA
Instructor – Auditing in a CIS Environment Program Head – Accountancy & Internal Auditing OIC-Dean - IABF